Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cloudfoundryCloud FoundryCFOUNDRY:DFA704DB107903FD6151E7230175CC11
HistoryAug 26, 2022 - 12:00 a.m.

USN-5511-1: Git vulnerabilities | Cloud Foundry

2022-08-2600:00:00
Cloud Foundry
www.cloudfoundry.org
10

0.0005 Low

EPSS

Percentile

17.1%

JSON

Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 18.04

Description

Carlo Marcelo Arenas Belรณn discovered that an issue related to CVE-2022-24765 still affected Git. An attacker could possibly use this issue to run arbitrary commands as administrator. (CVE-2022-29187) Update Instructions: Run sudo ua fix USN-5511-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: git โ€“ 1:2.17.1-1ubuntu0.12 gitweb โ€“ 1:2.17.1-1ubuntu0.12 git-gui โ€“ 1:2.17.1-1ubuntu0.12 git-daemon-sysvinit โ€“ 1:2.17.1-1ubuntu0.12 git-el โ€“ 1:2.17.1-1ubuntu0.12 gitk โ€“ 1:2.17.1-1ubuntu0.12 git-all โ€“ 1:2.17.1-1ubuntu0.12 git-mediawiki โ€“ 1:2.17.1-1ubuntu0.12 git-daemon-run โ€“ 1:2.17.1-1ubuntu0.12 git-man โ€“ 1:2.17.1-1ubuntu0.12 git-doc โ€“ 1:2.17.1-1ubuntu0.12 git-svn โ€“ 1:2.17.1-1ubuntu0.12 git-cvs โ€“ 1:2.17.1-1ubuntu0.12 git-email โ€“ 1:2.17.1-1ubuntu0.12 No subscription required

CVEs contained in this USN include: CVE-2022-29187.

Affected Cloud Foundry Products and Versions

Severity is medium unless otherwise noted.

  • cflinuxfs3
    • All versions prior to 0.310.0
  • CF Deployment
    • All versions prior to 21.7.0

Mitigation

Users of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:

  • cflinuxfs3
    • Upgrade all versions to 0.310.0 or greater
  • CF Deployment
    • Upgrade all versions to 21.7.0 or greater

References

History

2022-08-26: Initial vulnerability report published.

CPENameOperatorVersion
cflinuxfs3lt0.310.0
cf deploymentlt21.7.0

Related

fedora 33
openvas 68
suse 7
nessus 47
ubuntucve 1
freebsd 1
prion 2
ubuntu 3
debiancve 2
cvelist 1
cve 2
alpinelinux 1
redhatcve 1
osv 8
nvd 2
debian 2
redhat 2
almalinux 2
oraclelinux 2
amazon 2
altlinux 2
veracode 1
gentoo 1
photon 2
slackware 1
mageia 1
archlinux 1
mscve 1
fedora
fedora
[SECURITY] Fedora 36 Update: rust-rd-agent-2.1.2-7.fc36
2023-01-31 01:38:02
[SECURITY] Fedora 37 Update: rust-exa-0.10.1-9.fc37
2023-01-29 01:35:05
[SECURITY] Fedora 36 Update: rust-resctl-bench-2.1.2-8.fc36
2023-01-31 01:38:05
openvas
openvas
Fedora: Security Advisory for rust-rd-agent (FEDORA-2023-3ec32f6d4e)
2023-01-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2550-1)
2022-07-27 00:00:00
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2022-2459)
2022-10-10 00:00:00
suse
suse
Security update for libgit2 (important)
2022-10-04 00:00:00
Security update for git (important)
2022-07-26 00:00:00
Security update for git (important)
2022-07-22 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Git vulnerabilities (USN-5511-1)
2022-07-14 00:00:00
Amazon Linux 2 : git (ALAS-2022-1820)
2022-07-21 00:00:00
Fedora 37 : libgit2 (2023-470c7ea49e)
2023-01-27 00:00:00
ubuntucve
ubuntucve
CVE-2022-29187
2022-07-12 00:00:00
freebsd
freebsd
git -- privilege escalation
2022-07-12 00:00:00
prion
prion
Design/Logic Flaw
2022-07-12 21:15:00
Hardcoded credentials
2022-04-12 18:15:00
ubuntu
ubuntu
Git vulnerabilities
2022-07-13 00:00:00
Git vulnerability
2022-04-12 00:00:00
Git vulnerability
2022-04-25 00:00:00
debiancve
debiancve
CVE-2022-29187
2022-07-12 21:15:09
CVE-2022-24765
2022-04-12 18:15:09
cvelist
cvelist
CVE-2022-29187 Bypass of safe.directory protections in Git
2022-07-12 00:00:00
cve
cve
CVE-2022-29187
2022-07-12 21:15:09
CVE-2022-24765
2022-04-12 18:15:09
alpinelinux
alpinelinux
CVE-2022-29187
2022-07-12 21:15:09
redhatcve
redhatcve
CVE-2022-29187
2022-07-15 05:04:14
osv
osv
git vulnerabilities
2022-07-13 18:30:53
CVE-2022-29187
2022-07-12 21:15:09
git - security update
2022-12-13 00:00:00
nvd
nvd
CVE-2022-29187
2022-07-12 21:15:09
CVE-2022-24765
2022-04-12 18:15:09
debian
debian
[SECURITY] [DLA 3239-2] git regression update
2022-12-14 18:36:03
[SECURITY] [DLA 3239-1] git security update
2022-12-13 22:36:52
redhat
redhat
(RHSA-2023:2859) Moderate: git security and bug fix update
2023-05-16 05:56:35
(RHSA-2023:2319) Moderate: git security and bug fix update
2023-05-09 05:07:19
almalinux
almalinux
Moderate: git security and bug fix update
2023-05-16 00:00:00
Moderate: git security and bug fix update
2023-05-09 00:00:00
oraclelinux
oraclelinux
git security and bug fix update
2023-05-23 00:00:00
git security and bug fix update
2023-05-15 00:00:00
amazon
amazon
Medium: git
2022-07-28 20:36:00
Medium: git
2022-07-19 00:31:00
altlinux
altlinux
Security fix for the ALT Linux 10 package git version 2.33.4-alt1
2022-06-23 00:00:00
Security fix for the ALT Linux 10 package git version 2.33.2-alt1
2022-04-19 00:00:00
veracode
veracode
Privilege Escalation
2022-07-14 17:02:28
gentoo
gentoo
libgit2: Privilege Escalation Vulnerability
2024-01-14 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0220
2022-08-02 00:00:00
Important Photon OS Security Update - PHSA-2022-0184
2022-05-17 00:00:00
slackware
slackware
[slackware-security] git
2022-04-14 21:20:42
mageia
mageia
Updated git packages fix security vulnerability
2022-04-22 20:07:29
archlinux
archlinux
[ASA-202205-2] git: arbitrary command execution
2022-05-16 00:00:00
mscve
mscve
GitHub: Uncontrolled search for the Git directory in Git for Windows
2022-04-12 07:00:00

0.0005 Low

EPSS

Percentile

17.1%

JSON
Related for CFOUNDRY:DFA704DB107903FD6151E7230175CC11
fedora33openvas68suse7nessus47ubuntucve1freebsd1prion2ubuntu3debiancve2cvelist1cve2alpinelinux1redhatcve1osv8nvd2debian2redhat2almalinux2oraclelinux2amazon2altlinux2veracode1gentoo1photon2slackware1mageia1archlinux1mscve1